Click here to download all references as Bib-File.

Enter keywords to filter the library entries below or Propose new Entry
2023ThreatMonThreatMon Malware Research Team, Seyit Sigirci (@h3xecute)
@online{team:2023:konni:9f6c4dc, author = {ThreatMon Malware Research Team and Seyit Sigirci (@h3xecute)}, title = {{The Konni APT Chronicle: Tracing Their Intelligence-Driven Attack Chain}}, date = {2023}, organization = {ThreatMon}, url = {https://threatmon.io/the-konni-apt-chronicle-tracing-their-intelligence-driven-attack-chain/}, language = {English}, urldate = {2023-11-22} } The Konni APT Chronicle: Tracing Their Intelligence-Driven Attack Chain
Konni
2022-11-03Github (chronicle)Chronicle
@online{chronicle:20221103:gcti:dc42ba8, author = {Chronicle}, title = {{GCTI Open Source Detection Signatures}}, date = {2022-11-03}, organization = {Github (chronicle)}, url = {https://github.com/chronicle/GCTI}, language = {English}, urldate = {2022-11-25} } GCTI Open Source Detection Signatures
Cobalt Strike Sliver
2022-04-27Medium elis531989Eli Salem
@online{salem:20220427:chronicles:c55d826, author = {Eli Salem}, title = {{The chronicles of Bumblebee: The Hook, the Bee, and the Trickbot connection}}, date = {2022-04-27}, organization = {Medium elis531989}, url = {https://elis531989.medium.com/the-chronicles-of-bumblebee-the-hook-the-bee-and-the-trickbot-connection-686379311056}, language = {English}, urldate = {2022-04-29} } The chronicles of Bumblebee: The Hook, the Bee, and the Trickbot connection
BumbleBee TrickBot
2021-07-06CybereasonTom Fakterman
@online{fakterman:20210706:cybereason:1e0b80a, author = {Tom Fakterman}, title = {{Cybereason vs. REvil Ransomware: The Kaseya Chronicles}}, date = {2021-07-06}, organization = {Cybereason}, url = {https://www.cybereason.com/blog/cybereason-vs-revil-ransomware-the-kaseya-chronicles}, language = {English}, urldate = {2021-07-12} } Cybereason vs. REvil Ransomware: The Kaseya Chronicles
REvil
2021-04-28IBMLimor Kessem
@online{kessem:20210428:sodinokibi:38fd348, author = {Limor Kessem}, title = {{The Sodinokibi Chronicles: A (R)Evil Cybercrime Gang Disrupts Organizations for Trade Secrets and Cash}}, date = {2021-04-28}, organization = {IBM}, url = {https://securityintelligence.com/posts/sodinokibi-revil-ransomware-disrupt-trade-secrets/}, language = {English}, urldate = {2021-05-03} } The Sodinokibi Chronicles: A (R)Evil Cybercrime Gang Disrupts Organizations for Trade Secrets and Cash
REvil
2020-12-04Kaspersky LabsOleg Kupreev
@online{kupreev:20201204:chronicles:faab5a6, author = {Oleg Kupreev}, title = {{The chronicles of Emotet}}, date = {2020-12-04}, organization = {Kaspersky Labs}, url = {https://securelist.com/the-chronicles-of-emotet/99660/}, language = {English}, urldate = {2020-12-08} } The chronicles of Emotet
Emotet
2020-09-24CAROMark Lechtik, Giampaolo Dedola
@online{lechtik:20200924:cycldek:8b488b1, author = {Mark Lechtik and Giampaolo Dedola}, title = {{Cycldek aka Goblin Panda: Chronicles of the Goblin}}, date = {2020-09-24}, organization = {CARO}, url = {https://drive.google.com/file/d/11otA_VmL061KcFC5MhDYuNdIKHYbpyrd/view}, language = {English}, urldate = {2020-09-25} } Cycldek aka Goblin Panda: Chronicles of the Goblin
NewCore RAT USBCulprit
2019-05-15ChronicleSilas Cutler, Juan Andrés Guerrero-Saade
@online{cutler:20190515:winnti:269a852, author = {Silas Cutler and Juan Andrés Guerrero-Saade}, title = {{Winnti: More than just Windows and Gates}}, date = {2019-05-15}, organization = {Chronicle}, url = {https://medium.com/chronicle-blog/winnti-more-than-just-windows-and-gates-e4f03436031a}, language = {English}, urldate = {2019-10-14} } Winnti: More than just Windows and Gates
Winnti APT41
2019-04-09Chronicle SecurityJuan Andrés Guerrero-Saade, Silas Cutler
@techreport{guerrerosaade:20190409:oldest:062ea25, author = {Juan Andrés Guerrero-Saade and Silas Cutler}, title = {{The Oldest Stuxnet Component Dials Up}}, date = {2019-04-09}, institution = {Chronicle Security}, url = {https://storage.googleapis.com/chronicle-research/STUXSHOP%20Stuxnet%20Dials%20In%20.pdf}, language = {English}, urldate = {2019-12-04} } The Oldest Stuxnet Component Dials Up
FlowerShop Stuxnet
2019-04-09Chronicle SecurityJuan Andrés Guerrero-Saade, Silas Cutler
@techreport{guerrerosaade:20190409:flame:4ce4c10, author = {Juan Andrés Guerrero-Saade and Silas Cutler}, title = {{Flame 2.0: Risen from the Ashes}}, date = {2019-04-09}, institution = {Chronicle Security}, url = {https://github.com/juanandresgs/papers/raw/master/Flame%202.0%20Risen%20from%20the%20Ashes.pdf}, language = {English}, urldate = {2022-11-18} } Flame 2.0: Risen from the Ashes
Flame
2015-04-15Kaspersky LabsCostin Raiu, Maxim Golovkin
@online{raiu:20150415:chronicles:aa4af84, author = {Costin Raiu and Maxim Golovkin}, title = {{The Chronicles of the Hellsing APT: the Empire Strikes Back}}, date = {2015-04-15}, organization = {Kaspersky Labs}, url = {https://securelist.com/the-chronicles-of-the-hellsing-apt-the-empire-strikes-back/69567/}, language = {English}, urldate = {2021-02-06} } The Chronicles of the Hellsing APT: the Empire Strikes Back
GRILLMARK Hellsing
2015-04-15Kaspersky LabsCostin Raiu, Maxim Golovkin
@online{raiu:20150415:chronicles:49b4463, author = {Costin Raiu and Maxim Golovkin}, title = {{The Chronicles of the Hellsing APT: the Empire Strikes Back}}, date = {2015-04-15}, organization = {Kaspersky Labs}, url = {https://securelist.com/analysis/publications/69567/the-chronicles-of-the-hellsing-apt-the-empire-strikes-back/}, language = {English}, urldate = {2019-12-20} } The Chronicles of the Hellsing APT: the Empire Strikes Back
Hellsing